1 // Copyright 2023 Google LLC 2 // 3 // Licensed under the Apache License, Version 2.0 (the "License"); 4 // you may not use this file except in compliance with the License. 5 // You may obtain a copy of the License at 6 // 7 // http://www.apache.org/licenses/LICENSE-2.0 8 // 9 // Unless required by applicable law or agreed to in writing, software 10 // distributed under the License is distributed on an "AS IS" BASIS, 11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 // See the License for the specific language governing permissions and 13 // limitations under the License. 14 // 15 //////////////////////////////////////////////////////////////////////////////// 16 17 #ifndef TINK_INTERNAL_KEY_GEN_CONFIGURATION_IMPL_H_ 18 #define TINK_INTERNAL_KEY_GEN_CONFIGURATION_IMPL_H_ 19 20 #include "tink/internal/key_type_info_store.h" 21 #include "tink/key_gen_configuration.h" 22 23 namespace crypto { 24 namespace tink { 25 namespace internal { 26 27 constexpr absl::string_view kKeyGenConfigurationImplErr = 28 "Use crypto::tink::Registry instead when in global registry mode."; 29 30 class KeyGenConfigurationImpl { 31 public: 32 template <class KM> AddKeyTypeManager(std::unique_ptr<KM> key_manager,crypto::tink::KeyGenConfiguration & config)33 static crypto::tink::util::Status AddKeyTypeManager( 34 std::unique_ptr<KM> key_manager, 35 crypto::tink::KeyGenConfiguration& config) { 36 if (config.global_registry_mode_) { 37 return crypto::tink::util::Status(absl::StatusCode::kFailedPrecondition, 38 kKeyGenConfigurationImplErr); 39 } 40 return config.key_type_info_store_.AddKeyTypeManager( 41 std::move(key_manager), /*new_key_allowed=*/true); 42 } 43 44 template <class PrivateKM, class PublicKM> AddAsymmetricKeyManagers(std::unique_ptr<PrivateKM> private_key_manager,std::unique_ptr<PublicKM> public_key_manager,crypto::tink::KeyGenConfiguration & config)45 static crypto::tink::util::Status AddAsymmetricKeyManagers( 46 std::unique_ptr<PrivateKM> private_key_manager, 47 std::unique_ptr<PublicKM> public_key_manager, 48 crypto::tink::KeyGenConfiguration& config) { 49 if (config.global_registry_mode_) { 50 return crypto::tink::util::Status(absl::StatusCode::kFailedPrecondition, 51 kKeyGenConfigurationImplErr); 52 } 53 return config.key_type_info_store_.AddAsymmetricKeyTypeManagers( 54 std::move(private_key_manager), std::move(public_key_manager), 55 /*new_key_allowed=*/true); 56 } 57 58 static crypto::tink::util::StatusOr< 59 const crypto::tink::internal::KeyTypeInfoStore*> GetKeyTypeInfoStore(const crypto::tink::KeyGenConfiguration & config)60 GetKeyTypeInfoStore(const crypto::tink::KeyGenConfiguration& config) { 61 if (config.global_registry_mode_) { 62 return crypto::tink::util::Status(absl::StatusCode::kFailedPrecondition, 63 kKeyGenConfigurationImplErr); 64 } 65 return &config.key_type_info_store_; 66 } 67 68 // `config` can be set to global registry mode only if empty. SetGlobalRegistryMode(crypto::tink::KeyGenConfiguration & config)69 static crypto::tink::util::Status SetGlobalRegistryMode( 70 crypto::tink::KeyGenConfiguration& config) { 71 if (!config.key_type_info_store_.IsEmpty()) { 72 return crypto::tink::util::Status( 73 absl::StatusCode::kFailedPrecondition, 74 "Using the global registry is only allowed when KeyGenConfiguration " 75 "is empty."); 76 } 77 config.global_registry_mode_ = true; 78 return crypto::tink::util::OkStatus(); 79 } 80 IsInGlobalRegistryMode(const crypto::tink::KeyGenConfiguration & config)81 static bool IsInGlobalRegistryMode( 82 const crypto::tink::KeyGenConfiguration& config) { 83 return config.global_registry_mode_; 84 } 85 }; 86 87 } // namespace internal 88 } // namespace tink 89 } // namespace crypto 90 91 #endif // TINK_INTERNAL_KEY_GEN_CONFIGURATION_IMPL_H_ 92